prometheus-node-exporter
Helm chart
Request a free trial
Contact our team to test out this Helm chart and related images for free. Please also indicate any other images you would like to evaluate.
Tag:
1
# Default values for prometheus-node-exporter.
2
# This is a YAML-formatted file.
3
# Declare variables to be passed into your templates.
4
image:
5
registry: cgr.dev
6
repository: chainguard-private/prometheus-node-exporter
7
# Overrides the image tag whose default is {{ printf "v%s" .Chart.AppVersion }}
8
tag: latest
9
# Use the distroless image variant.
10
distroless: false
11
pullPolicy: IfNotPresent
12
digest: sha256:8e4df20ac30a7cf47fe612b02333714c75d0dec30e51c59117c440b7410530a1
13
imagePullSecrets: []
14
# - name: "image-pull-secret"
15
nameOverride: ""
16
fullnameOverride: ""
17
# Number of old history to retain to allow rollback
18
# Default Kubernetes value is set to 10
19
revisionHistoryLimit: 10
20
global:
21
# To help compatibility with other charts which use global.imagePullSecrets.
22
# Allow either an array of {name: pullSecret} maps (k8s-style), or an array of strings (more common helm-style).
23
# global:
24
# imagePullSecrets:
25
# - name: pullSecret1
26
# - name: pullSecret2
27
# or
28
# global:
29
# imagePullSecrets:
30
# - pullSecret1
31
# - pullSecret2
32
imagePullSecrets: []
33
#
34
# Allow parent charts to override registry hostname
35
imageRegistry: ""
36
# Configure kube-rbac-proxy. When enabled, creates a kube-rbac-proxy to protect the node-exporter http endpoint.
37
# The requests are served through the same service but requests are HTTPS.
38
kubeRBACProxy:
39
enabled: false
40
## Set environment variables as name/value pairs
41
env: {}
42
# VARIABLE: value
43
image:
44
registry: cgr.dev
45
repository: chainguard-private/kube-rbac-proxy
46
tag: latest
47
sha: sha256:910f21d91afc35b914309c7e3caed27d7f85cfa437bf60142c6e8f22681cd9b9
48
pullPolicy: IfNotPresent
49
# List of additional cli arguments to configure kube-rbac-proxy
50
# for example: --tls-cipher-suites, --log-file, etc.
51
# all the possible args can be found here: https://github.com/brancz/kube-rbac-proxy#usage
52
extraArgs: []
53
## Specify security settings for a Container
54
## Allows overrides and additional options compared to (Pod) securityContext
55
## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container
56
containerSecurityContext: {}
57
# Specify the port used for the Node exporter container (upstream port)
58
port: 8100
59
# Specify the name of the container port
60
portName: http
61
# Configure a hostPort. If true, hostPort will be enabled in the container and set to service.port.
62
enableHostPort: false
63
# Configure Proxy Endpoints Port
64
# This is the port being probed for readiness
65
proxyEndpointsPort: 8888
66
# Configure a hostPort. If true, hostPort will be enabled in the container and set to proxyEndpointsPort.
67
enableProxyEndpointsHostPort: false
68
resources: {}
69
# We usually recommend not to specify default resources and to leave this as a conscious
70
# choice for the user. This also increases chances charts run on environments with little
71
# resources, such as Minikube. If you do want to specify resources, uncomment the following
72
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
73
# limits:
74
# cpu: 100m
75
# memory: 64Mi
76
# requests:
77
# cpu: 10m
78
# memory: 32Mi
79
80
## Additional volume mounts in the kube-rbac-proxy container
81
## See extraVolumes below
82
extraVolumeMounts: []
83
# - name: extra-volume
84
# mountPath: /extra
85
# readOnly: true
86
87
## tls enables using TLS resources from a volume on secret referred to in tlsSecret below.
88
## When enabling tlsClientAuth, client CA certificate must be set in tlsSecret.caItem.
89
## Ref. https://github.com/brancz/kube-rbac-proxy/issues/187
90
tls:
91
enabled: false
92
tlsClientAuth: false
93
## tlsSecret refers to an existing secret holding TLS items: client CA certificate, private key and certificate.
94
## secretName and volumeName can be templated.
95
## If enabled, volume volumeName gets created on secret secretName.
96
## The volume's resources will be used by kube-rbac-proxy if kubeRBACProxy.tls.enabled is set.
97
tlsSecret:
98
enabled: false
99
## Key with client CA certificate (optional)
100
caItem: ""
101
## Key with certificate
102
certItem: tls.crt
103
## Key with private key
104
keyItem: tls.key
105
## Name of an existing secret
106
secretName: prometheus-node-exporter-tls
107
## Name of the volume to be created
108
volumeName: prometheus-node-exporter-tls
109
## Service configuration
110
service:
111
## Creating a service is enabled by default
112
enabled: true
113
## Service type
114
type: ClusterIP
115
## IP address for type ClusterIP
116
clusterIP: ""
117
## Default service port. Sets the port of the exposed container as well (NE or kubeRBACProxy).
118
## Use "servicePort" below if changing the service port only is desired.
119
port: 9100
120
## Service port. Use this field if you wish to set a different service port
121
## without changing the container port ("port" above).
122
servicePort: ""
123
## Targeted port in the pod. Must refer to an open container port ("port" or "portName").
124
## (IntOrString)
125
targetPort: 9100
126
## Name of the service port. Sets the port name of the main container (NE) as well.
127
portName: metrics
128
## Port number for service type NodePort
129
nodePort: null
130
## If true, node exporter will listen on all interfaces
131
listenOnAllInterfaces: true
132
## Additional annotations and labels for the service
133
annotations:
134
prometheus.io/scrape: "true"
135
labels: {}
136
## Dual stack settings for the service
137
## https://kubernetes.io/docs/concepts/services-networking/dual-stack/#services
138
ipDualStack:
139
enabled: false
140
ipFamilies: ["IPv6", "IPv4"]
141
ipFamilyPolicy: "PreferDualStack"
142
## External/Internal traffic policy setting (Cluster, Local)
143
## https://kubernetes.io/docs/reference/networking/virtual-ips/#traffic-policies
144
externalTrafficPolicy: ""
145
internalTrafficPolicy: ""
146
# Set a NetworkPolicy with:
147
# ingress only on service.port or custom policy
148
# no egress permitted
149
networkPolicy:
150
enabled: false
151
# ingress:
152
# - {}
153
# Additional environment variables that will be passed to the daemonset
154
env: {}
155
## env:
156
## VARIABLE: value
157
158
prometheus:
159
monitor:
160
enabled: false
161
additionalLabels: {}
162
namespace: ""
163
jobLabel: ""
164
# List of pod labels to add to node exporter metrics
165
# https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api-reference/api.md#servicemonitor
166
podTargetLabels: []
167
# List of target labels to add to node exporter metrics
168
# https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api-reference/api.md#servicemonitor
169
targetLabels: []
170
scheme: http
171
basicAuth: {}
172
bearerTokenFile:
173
tlsConfig: {}
174
## proxyUrl: URL of a proxy that should be used for scraping.
175
##
176
proxyUrl: ""
177
## Override serviceMonitor selector
178
##
179
selectorOverride: {}
180
## Attach node metadata to discovered targets. Requires Prometheus v2.35.0 and above.
181
##
182
attachMetadata:
183
node: false
184
relabelings: []
185
metricRelabelings: []
186
interval: ""
187
scrapeTimeout: 10s
188
## prometheus.monitor.apiVersion ApiVersion for the serviceMonitor Resource(defaults to "monitoring.coreos.com/v1")
189
apiVersion: ""
190
## SampleLimit defines per-scrape limit on number of scraped samples that will be accepted.
191
##
192
sampleLimit: 0
193
## TargetLimit defines a limit on the number of scraped targets that will be accepted.
194
##
195
targetLimit: 0
196
## Per-scrape limit on number of labels that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
197
##
198
labelLimit: 0
199
## Per-scrape limit on length of labels name that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
200
##
201
labelNameLengthLimit: 0
202
## Per-scrape limit on length of labels value that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
203
##
204
labelValueLengthLimit: 0
205
# PodMonitor defines monitoring for a set of pods.
206
# ref. https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api-reference/api.md#podmonitor
207
# Using a PodMonitor may be preferred in some environments where there is very large number
208
# of Node Exporter endpoints (1000+) behind a single service.
209
# The PodMonitor is disabled by default. When switching from ServiceMonitor to PodMonitor,
210
# the time series resulting from the configuration through PodMonitor may have different labels.
211
# For instance, there will not be the service label any longer which might
212
# affect PromQL queries selecting that label.
213
podMonitor:
214
enabled: false
215
# Namespace in which to deploy the pod monitor. Defaults to the release namespace.
216
namespace: ""
217
# Additional labels, e.g. setting a label for pod monitor selector as set in prometheus
218
additionalLabels: {}
219
# release: kube-prometheus-stack
220
# PodTargetLabels transfers labels of the Kubernetes Pod onto the target.
221
podTargetLabels: []
222
# apiVersion defaults to monitoring.coreos.com/v1.
223
apiVersion: ""
224
# Override pod selector to select pod objects.
225
selectorOverride: {}
226
# Attach node metadata to discovered targets. Requires Prometheus v2.35.0 and above.
227
attachMetadata:
228
node: false
229
# The label to use to retrieve the job name from. Defaults to label app.kubernetes.io/name.
230
jobLabel: ""
231
# Scheme/protocol to use for scraping.
232
scheme: "http"
233
# Path to scrape metrics at.
234
path: "/metrics"
235
# BasicAuth allow an endpoint to authenticate over basic authentication.
236
# More info: https://prometheus.io/docs/operating/configuration/#endpoint
237
basicAuth: {}
238
# Secret to mount to read bearer token for scraping targets.
239
# The secret needs to be in the same namespace as the pod monitor and accessible by the Prometheus Operator.
240
# https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.24/#secretkeyselector-v1-core
241
bearerTokenSecret: {}
242
# TLS configuration to use when scraping the endpoint.
243
tlsConfig: {}
244
# Authorization section for this endpoint.
245
# https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api-reference/api.md#safeauthorization
246
authorization: {}
247
# OAuth2 for the URL. Only valid in Prometheus versions 2.27.0 and newer.
248
# https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api-reference/api.md#oauth2
249
oauth2: {}
250
# ProxyURL eg http://proxyserver:2195. Directs scrapes through proxy to this endpoint.
251
proxyUrl: ""
252
# Interval at which endpoints should be scraped. If not specified Prometheus' global scrape interval is used.
253
interval: ""
254
# Timeout after which the scrape is ended. If not specified, the Prometheus global scrape interval is used.
255
scrapeTimeout: ""
256
# HonorTimestamps controls whether Prometheus respects the timestamps present in scraped data.
257
honorTimestamps: true
258
# HonorLabels chooses the metric's labels on collisions with target labels.
259
honorLabels: true
260
# Whether to enable HTTP2. Default false.
261
enableHttp2: ""
262
# Drop pods that are not running. (Failed, Succeeded).
263
# Enabled by default. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#pod-phase
264
filterRunning: ""
265
# FollowRedirects configures whether scrape requests follow HTTP 3xx redirects. Default false.
266
followRedirects: ""
267
# Optional HTTP URL parameters
268
params: {}
269
# RelabelConfigs to apply to samples before scraping. Prometheus Operator automatically adds
270
# relabelings for a few standard Kubernetes fields. The original scrape job's name
271
# is available via the __tmp_prometheus_job_name label.
272
# More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config
273
relabelings: []
274
# MetricRelabelConfigs to apply to samples before ingestion.
275
metricRelabelings: []
276
# SampleLimit defines per-scrape limit on number of scraped samples that will be accepted.
277
sampleLimit: 0
278
# TargetLimit defines a limit on the number of scraped targets that will be accepted.
279
targetLimit: 0
280
# Per-scrape limit on number of labels that will be accepted for a sample.
281
# Only valid in Prometheus versions 2.27.0 and newer.
282
labelLimit: 0
283
# Per-scrape limit on length of labels name that will be accepted for a sample.
284
# Only valid in Prometheus versions 2.27.0 and newer.
285
labelNameLengthLimit: 0
286
# Per-scrape limit on length of labels value that will be accepted for a sample.
287
# Only valid in Prometheus versions 2.27.0 and newer.
288
labelValueLengthLimit: 0
289
## Customize the updateStrategy if set
290
updateStrategy:
291
type: RollingUpdate
292
rollingUpdate:
293
maxUnavailable: 1
294
resources: {}
295
# We usually recommend not to specify default resources and to leave this as a conscious
296
# choice for the user. This also increases chances charts run on environments with little
297
# resources, such as Minikube. If you do want to specify resources, uncomment the following
298
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
299
# limits:
300
# cpu: 200m
301
# memory: 50Mi
302
# requests:
303
# cpu: 100m
304
# memory: 30Mi
305
306
# Specify the container restart policy passed to the Node Export container
307
# Possible Values: Always (default)|OnFailure|Never
308
restartPolicy: null
309
serviceAccount:
310
# Specifies whether a ServiceAccount should be created
311
create: true
312
# The name of the ServiceAccount to use.
313
# If not set and create is true, a name is generated using the fullname template
314
name:
315
annotations: {}
316
imagePullSecrets: []
317
automountServiceAccountToken: false
318
securityContext:
319
fsGroup: 65534
320
runAsGroup: 65534
321
runAsNonRoot: true
322
runAsUser: 65534
323
containerSecurityContext:
324
readOnlyRootFilesystem: true
325
# capabilities:
326
# add:
327
# - SYS_TIME
328
rbac:
329
## If true, create & use RBAC resources
330
##
331
create: true
332
# for deployments that have node_exporter deployed outside of the cluster, list
333
# their addresses here
334
endpoints: []
335
# Expose the service to the host network
336
hostNetwork: true
337
# hostUsers should be `true` or `~` if hostNetwork is true
338
# for more information on the limitations of hostUsers
339
# see https://kubernetes.io/docs/concepts/workloads/pods/user-namespaces/#limitations
340
hostUsers: ~
341
# Share the host process ID namespace
342
hostPID: true
343
# Share the host ipc namespace
344
hostIPC: false
345
# Mount the node's root file system (/) at /host/root in the container
346
hostRootFsMount:
347
enabled: true
348
# Defines how new mounts in existing mounts on the node or in the container
349
# are propagated to the container or node, respectively. Possible values are
350
# None, HostToContainer, and Bidirectional. If this field is omitted, then
351
# None is used. More information on:
352
# https://kubernetes.io/docs/concepts/storage/volumes/#mount-propagation
353
mountPropagation: HostToContainer
354
# Mount the node's proc file system (/proc) at /host/proc in the container
355
hostProcFsMount:
356
# Possible values are None, HostToContainer, and Bidirectional
357
mountPropagation: ""
358
# Mount the node's sys file system (/sys) at /host/sys in the container
359
hostSysFsMount:
360
# Possible values are None, HostToContainer, and Bidirectional
361
mountPropagation: ""
362
## Assign a group of affinity scheduling rules
363
## The default nodeAffinity excludes Fargate nodes and virtual kubelets from scheduling
364
## unless overridden by hard node affinity set in the field.
365
affinity: {}
366
# nodeAffinity:
367
# requiredDuringSchedulingIgnoredDuringExecution:
368
# nodeSelectorTerms:
369
# - matchFields:
370
# - key: metadata.name
371
# operator: In
372
# values:
373
# - target-host-name
374
375
# Annotations to be added to node exporter pods
376
podAnnotations:
377
# Fix for very slow GKE cluster upgrades
378
cluster-autoscaler.kubernetes.io/safe-to-evict: "true"
379
# Extra labels to add to node exporter pods (can be templated)
380
podLabels: {}
381
## Extra labels to attach to all resources (can be templated)
382
commonLabels: {}
383
# Annotations to be added to node exporter daemonset
384
daemonsetAnnotations: {}
385
## set to true to add the release label so scraping of the servicemonitor with kube-prometheus-stack works out of the box
386
releaseLabel: false
387
# DNS policy for prometheus-node-exporter pods
388
# When hostNetwork is true, you typically want "Default" or "ClusterFirstWithHostNet"
389
# Ref: https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/#pod-s-dns-policy
390
dnsPolicy: ""
391
# Custom DNS configuration to be added to prometheus-node-exporter pods
392
dnsConfig: {}
393
# nameservers:
394
# - 1.2.3.4
395
# searches:
396
# - ns1.svc.cluster-domain.example
397
# - my.dns.search.suffix
398
# options:
399
# - name: ndots
400
# value: "2"
401
# - name: edns0
402
403
## Assign a nodeSelector if operating a hybrid cluster
404
##
405
nodeSelector:
406
kubernetes.io/os: linux
407
# kubernetes.io/arch: amd64
408
# Specify grace period for graceful termination of pods. Defaults to 30 if null or not specified
409
terminationGracePeriodSeconds: null
410
tolerations:
411
- effect: NoSchedule
412
operator: Exists
413
# Enable or disable container termination message settings
414
# https://kubernetes.io/docs/tasks/debug/debug-application/determine-reason-pod-failure/
415
terminationMessageParams:
416
enabled: false
417
# If enabled, specify the path for termination messages
418
terminationMessagePath: /dev/termination-log
419
# If enabled, specify the policy for termination messages
420
terminationMessagePolicy: File
421
## Assign a PriorityClassName to pods if set
422
# priorityClassName: ""
423
424
## Additional container arguments
425
##
426
extraArgs: []
427
# - --collector.diskstats.ignored-devices=^(ram|loop|fd|(h|s|v)d[a-z]|nvme\\d+n\\d+p)\\d+$
428
# - --collector.textfile.directory=/run/prometheus
429
430
## Additional mounts from the host to node-exporter container
431
##
432
extraHostVolumeMounts: []
433
# - name: <mountName>
434
# hostPath: <hostPath>
435
# https://kubernetes.io/docs/concepts/storage/volumes/#hostpath-volume-types
436
# type: "" (Default)|DirectoryOrCreate|Directory|FileOrCreate|File|Socket|CharDevice|BlockDevice
437
# mountPath: <mountPath>
438
# readOnly: true|false
439
# mountPropagation: None|HostToContainer|Bidirectional
440
441
## Additional configmaps to be mounted.
442
##
443
configmaps: []
444
# - name: <configMapName>
445
# mountPath: <mountPath>
446
447
secrets: []
448
# - name: <secretName>
449
# mountPath: <mountPatch>
450
451
## Override the deployment namespace
452
##
453
namespaceOverride: ""
454
## Additional containers for export metrics to text file; fields image,imagePullPolicy,securityContext take default value from main container
455
##
456
sidecars: []
457
# - name: nvidia-dcgm-exporter
458
# image: nvidia/dcgm-exporter:1.4.3
459
# volumeMounts:
460
# - name: tmp
461
# mountPath: /tmp
462
463
## Volume for sidecar containers
464
##
465
sidecarVolumeMount: []
466
# - name: collector-textfiles
467
# mountPath: /run/prometheus
468
# readOnly: false
469
470
## Additional mounts from the host to sidecar containers
471
##
472
sidecarHostVolumeMounts: []
473
# - name: <mountName>
474
# hostPath: <hostPath>
475
# mountPath: <mountPath>
476
# readOnly: true|false
477
# mountPropagation: None|HostToContainer|Bidirectional
478
479
## Additional InitContainers to initialize the pod
480
##
481
extraInitContainers: []
482
## Additional InitContainer to fix hostfile permissions required for some exporters. All fixes are disabled by default.
483
##
484
permissionInitContainer:
485
image:
486
registry: quay.io
487
repository: prometheus/busybox
488
tag: latest
489
sha: ""
490
pullPolicy: IfNotPresent
491
securityContext:
492
runAsUser: 0
493
runAsGroup: 0
494
runAsNonRoot: false
495
fixes:
496
# Fixes /sys/devices/virtual/powercap/*/energy_uj
497
# Collector enabled by default
498
rapl: false
499
# Fixes /proc/slabinfo
500
# Collector disabled by default
501
slabinfo: false
502
extraCommands: []
503
## Liveness probe
504
##
505
livenessProbe:
506
failureThreshold: 3
507
httpGet:
508
httpHeaders: []
509
scheme: http
510
initialDelaySeconds: 0
511
periodSeconds: 10
512
successThreshold: 1
513
timeoutSeconds: 1
514
## Readiness probe
515
##
516
readinessProbe:
517
failureThreshold: 3
518
httpGet:
519
httpHeaders: []
520
scheme: http
521
initialDelaySeconds: 0
522
periodSeconds: 10
523
successThreshold: 1
524
timeoutSeconds: 1
525
# Enable vertical pod autoscaler support for prometheus-node-exporter
526
verticalPodAutoscaler:
527
enabled: false
528
# Recommender responsible for generating recommendation for the object.
529
# List should be empty (then the default recommender will generate the recommendation)
530
# or contain exactly one recommender.
531
# recommenders:
532
# - name: custom-recommender-performance
533
534
# List of resources that the vertical pod autoscaler can control. Defaults to cpu and memory
535
controlledResources: []
536
# Specifies which resource values should be controlled: RequestsOnly or RequestsAndLimits.
537
# controlledValues: RequestsAndLimits
538
539
# Define the max allowed resources for the pod
540
maxAllowed: {}
541
# cpu: 200m
542
# memory: 100Mi
543
# Define the min allowed resources for the pod
544
minAllowed: {}
545
# cpu: 200m
546
# memory: 100Mi
547
# updatePolicy:
548
# Specifies minimal number of replicas which need to be alive for VPA Updater to attempt pod eviction
549
# minReplicas: 1
550
# Specifies whether recommended updates are applied when a Pod is started and whether recommended updates
551
# are applied during the life of a Pod. Possible values are "Off", "Initial", "Recreate", and "Auto".
552
# updateMode: Auto
553
554
# Extra manifests to deploy as an array
555
extraManifests: []
556
# - |
557
# apiVersion: v1
558
# kind: ConfigMap
559
# metadata:
560
# name: prometheus-extra
561
# data:
562
# extra-data: "value"
563
564
## Extra volumes to become available in the pod
565
extraVolumes: []
566
# - name: extra-volume
567
# secret:
568
# defaultMode: 420
569
# optional: false
570
# secretName: node-exporter-secret
571
572
## Extra volume mounts in the node-exporter container
573
extraVolumeMounts: []
574
# - name: extra-volume
575
# mountPath: /extra
576
# readOnly: true
577
578
# Override version of app, required if image.tag is defined and does not follow semver
579
version: ""
580
The trusted source for open source
Talk to an expertProduct
Customers
© 2026 Chainguard, Inc. All Rights Reserved.
Chainguard® and the Chainguard logo are registered trademarks of Chainguard, Inc. in the United States and/or other countries.
The other respective trademarks mentioned on this page are owned by the respective companies and use of them does not imply any affiliation or endorsement.
Chainguard® and the Chainguard logo are registered trademarks of Chainguard, Inc. in the United States and/or other countries.
The other respective trademarks mentioned on this page are owned by the respective companies and use of them does not imply any affiliation or endorsement.